#!/bin/bash
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

# get gateway
mygw=$(ip a |grep 'inet 10.' |awk -F'[ /]' '{print $6}' |awk -F'.' '{print $1"."$2"."$3".254"}')
myip=$(ip a |grep 'inet 10.' |awk -F'[ /]' '{print $6}')

# config route 
echo "- config route: add route ..."
if ! (route -n | egrep '^10\.0\.0\.0 ' &> /dev/null) ; then
    route add -net 10.0.0.0/8 gw $mygw
fi
if ! (route -n | egrep '^172\.16\.0\.0 ' &> /dev/null) ; then
    route add -net 172.16.0.0/12 gw $mygw
fi
if ! (route -n | egrep '^192\.168\.0\.0 ' &> /dev/null) ; then
    route add -net 192.168.0.0/16 gw $mygw
fi

echo "- config route: add static route ..."
if ! egrep '^any net 10.0.0.0/8' /etc/sysconfig/static-routes &>/dev/null ; then  
    echo "any net 10.0.0.0/8 gw $mygw" >> /etc/sysconfig/static-routes
fi
if ! egrep '^any net 172.16.0.0/12' /etc/sysconfig/static-routes &>/dev/null ; then 
    echo "any net 172.16.0.0/12 gw $mygw" >> /etc/sysconfig/static-routes
fi
if ! egrep '^any net 192.168.0.0/16' /etc/sysconfig/static-routes &>/dev/null ; then
    echo "any net 192.168.0.0/16 gw $mygw" >> /etc/sysconfig/static-routes
fi

echo "- add dns"
if ! egrep '^nameserver 10.100.1.145' /etc/resolv.conf &>/dev/null ; then
    echo 'nameserver 10.100.1.145' >> /etc/resolv.conf
fi
if ! egrep '^nameserver 10.100.1.235' /etc/resolv.conf &>/dev/null ; then
    echo 'nameserver 10.100.1.235' >> /etc/resolv.conf
fi

echo "- kernel params adjust ..."

echo "- limits ..."
if ! egrep '^\* soft nofile' /etc/security/limits.conf &>/dev/null ; then
    echo "* soft nofile 65535" >> /etc/security/limits.conf
    echo "* hard nofile 65535" >> /etc/security/limits.conf
fi

echo "- yum repo ..."
curl -s http://mirrors.hunantv.com/install_hunantv_repo.sh | sh

echo "- yum base rpms (ntpdate, proxychains, python-setuptools, python-meld3...) ..."
yum -y install wget ntpdate man proxychains python-setuptools python-meld3 python-devel

echo "- ntp adjust ..."
mkdir -p /opt/scripts
if ! [ -f /opt/scripts/ntp-sync.sh ]; then
    wget -q http://mirrors.hunantv.com/d/ntp-sync.sh -O /opt/scripts/ntp-sync.sh
    chmod +x /opt/scripts/ntp-sync.sh
    echo "07 */1 * * * /opt/scripts/ntp-sync.sh " >> /var/spool/cron/root
fi

echo "- install pip ..."
proxychains easy_install pip

if ! [ -f /root/.pip/pip.conf ]; then
    mkdir -p /root/.pip
    echo '
[global]
index-url = http://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
' >> /root/.pip/pip.conf
fi

echo "- install and config supervisor .."
proxychains pip install supervisor redis chardet

mkdir -p /etc/supervisord.conf.d
if ! [ -f /etc/supervisord.conf ]; then
    wget -q http://mirrors.hunantv.com/d/supervisord.conf -O /etc/supervisord.conf
fi

echo "- java install ..."
if ! [ -d /opt/app/jdk1.7.0_45 ]; then
    mkdir -p /opt/app
    wget -q http://mirrors.hunantv.com/d/jdk-7u45-linux-x64.tar.gz -O /opt/app/jdk-7u45-linux-x64.tar.gz
    cd /opt/app
    tar xzf jdk-7u45-linux-x64.tar.gz -C /opt/app/
fi
if ! egrep '^JAVA_HOME=' /etc/profile &> /dev/null ; then 
    echo '
JAVA_HOME=/opt/app/jdk1.7.0_45
CLASSPATH=.:$JAVA_HOME/lib.tools.jar
PATH=$JAVA_HOME/bin:$PATH
export JAVA_HOME CLASSPATH PATH
' >> /etc/profile
fi

echo "- install python2.7 ..."
if ! [ -f /usr/local/bin/python2.7 ] ; then 
    yum -y install gcc make gcc-c++

    yum -y install  zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel openssl

    mkdir -p /opt/src
    cd /opt/src
    rm -f Python-2.7.10.tgz
    wget -q http://mirrors.hunantv.com/d/Python-2.7.10.tgz
    tar xzf Python-2.7.10.tgz
    cd Python-2.7.10
    ./configure --prefix=/usr/local --enable-unicode=ucs4 --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib" --with-ensurepip=install
    make && make altinstall


#    /usr/local/bin/pip2.7 install --upgrade pip
fi


proxychains pip2.7 install redis chardet

echo "- install zabbix ..."

echo "- add 10.100.1.47's pubkey ..."
key="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsbZNLRXoTGsNxkXYfzQtnkqk9HgxfH3P4QZjE8qjfr7h3Bu+rfwdPZRXA6V8CR1kZ0J+tAK3FxoQr/LVjOuI1Y3facOZGGBAQmRJUNBqABngOtJGfLCqoOEfLCopPMFMU6oCENrd4ZCxwrY4wAZY0SeoRgTihD2wIeyb1opz433Pg9RW6WKoU2mM8d6pWaV+FCqkXLKf8qM/YcSxcuDHYFVNFDkeVIxZqDLrKertw6PMWoayRyb4+wkyctqBsvf6/NtMGxViEAUCYT74WKF7AJf6BGQq+FIKheB2J/q3kdmNm32GqS8Arb0PqruQYSfQbNovTInaY5m9ARojLQpAIQ== a.gmail"

if ! grep "$key" /root/.ssh/authorized_keys &>/dev/null ; then
    echo $key >> /root/.ssh/authorized_keys
fi

echo "- ldap ..."
